{"vulnerability": "cve-2026-4227", "sightings": [{"uuid": "1793b9a8-2382-485c-b150-abd07c7ec459", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4227", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mhk4bi22lq2a", "content": "", "creation_timestamp": "2026-03-21T03:40:09.644524Z"}, {"uuid": "81dbb1cb-92b8-4ce3-a8fb-43195939c821", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4227", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116238743317716735", "content": "", "creation_timestamp": "2026-03-16T12:01:05.653961Z"}, {"uuid": "63eaf7ce-047a-45fc-b04c-7fdd7e3e70b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42275", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mlhkmz3vov2g", "content": "\ud83d\udfe0 CVE-2026-42275 - High (8.7)\n\nzrok is software for sharing web services, files, and network resources. Prior to version 2.0.2, ...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-42275/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-10T00:59:57.236758Z"}, {"uuid": "1b13b61b-48f1-4108-a0d2-63eb6e898cae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42274", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlcvppit5j2k", "content": "CVE-2026-42274 - Heimdall: Authorization bypass via path normalization mismatch\nCVE ID : CVE-2026-42274\n \n Published : May 8, 2026, 3:43 a.m. | 42\u00a0minutes ago\n \n Description : Heimdall is a cloud native Identity Aware Proxy and Access Control Decision service. Prior to version...", "creation_timestamp": "2026-05-08T04:34:59.566181Z"}, {"uuid": "924e7b08-ba89-4066-9449-e77cae13f75c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42271", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlcvztlzbz2q", "content": "CVE-2026-42271 - LiteLLM: Authenticated command execution via MCP stdio test endpoints\nCVE ID : CVE-2026-42271\n \n Published : May 8, 2026, 3:35 a.m. | 50\u00a0minutes ago\n \n Description : LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. From ver...", "creation_timestamp": "2026-05-08T04:40:39.065435Z"}, {"uuid": "a2447c19-9299-4c17-8816-715ad152704f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42272", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlcw5olsko2e", "content": "CVE-2026-42272 - Heimdall: Case-sensitive handling of URL-encoded slashes may lead to inconsistent path interpretation\nCVE ID : CVE-2026-42272\n \n Published : May 8, 2026, 3:40 a.m. | 45\u00a0minutes ago\n \n Description : Heimdall is a cloud native Identity Aware Proxy and Access Con...", "creation_timestamp": "2026-05-08T04:42:47.862379Z"}, {"uuid": "5123c8df-e500-466d-945e-e6f56915cd9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42273", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlcwl7ndjp2c", "content": "CVE-2026-42273 - Heimdall: Case-sensitive host matching may lead to policy bypass\nCVE ID : CVE-2026-42273\n \n Published : May 8, 2026, 3:42 a.m. | 43\u00a0minutes ago\n \n Description : Heimdall is a cloud native Identity Aware Proxy and Access Control Decision service. Prior to versi...", "creation_timestamp": "2026-05-08T04:50:21.865175Z"}, {"uuid": "5eb19a95-0b3c-4b7d-a2d4-88d5d37e732c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42275", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlcxnwb3t42i", "content": "CVE-2026-42275 - zrok: WebDAV drive backend follows symlinks outside DriveRoot, enabling host filesystem read/write\nCVE ID : CVE-2026-42275\n \n Published : May 8, 2026, 3:45 a.m. | 40\u00a0minutes ago\n \n Description : zrok is software for sharing web services, files, and network res...", "creation_timestamp": "2026-05-08T05:09:46.647301Z"}, {"uuid": "4dd9217d-c62d-4f84-bb20-aaa26dd5553c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42278", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mld4vebsjp2e", "content": "CVE-2026-42278 - UltraDAG: Smart Account Spending Policy Bypass via Pockets\nCVE ID : CVE-2026-42278\n \n Published : May 8, 2026, 5:16 a.m. | 1\u00a0hour, 4\u00a0minutes ago\n \n Description : UltraDAG is a minimal DAG-BFT blockchain in Rust. Prior to commit fb6ef59, the UltraDAG StateEngin...", "creation_timestamp": "2026-05-08T06:43:27.979739Z"}, {"uuid": "7f03d412-bae6-47ba-b907-646635370b95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42271", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mlhknapjpo2t", "content": "\ud83d\udfe0 CVE-2026-42271 - High (8.8)\n\nLiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. From versio...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-42271/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-10T01:00:04.170298Z"}, {"uuid": "44aaf2ed-a713-41b2-ac03-3d03d62f67af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42275", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mlgtkuisrr2w", "content": "\ud83d\udccc CVE-2026-42275 - zrok is software for sharing web services, files, and network resources. Prior to version 2.0.2, the zrok WebDAV drive backend (davServer.Dir) restric... https://www.cyberhub.blog/cves/CVE-2026-42275", "creation_timestamp": "2026-05-09T18:07:07.858922Z"}, {"uuid": "23fbda2e-a350-4fb0-ad71-81a89ab906a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42271", "type": "published-proof-of-concept", "source": "Telegram/zNPCcRZLVUnG7MzXxuguKud9BYCf7Gj51sr3J84x37QbILk", "content": "", "creation_timestamp": "2026-05-20T09:00:05.000000Z"}, {"uuid": "974e787c-acf7-4bd3-9a0e-2dff2c6fe6a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42271", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-42271.yaml", "content": "", "creation_timestamp": "2026-06-02T16:26:11.000000Z"}]}